Using Traefik to route to install NAS Program e.g Leantime

Traefik Traefik v2
1

So looking at setting up traefik to redirect incoming url to my MyQNAP.org app. e.g Leantime on the NAS

so I have leantime.webaddress.com setup, but when it routes thru to the app its saying not secure etc. displays basic layout but no formatting.

I have configured fileConfig.yml with the following :
http:
routers:
leantime:
rule: Host(leantime.mywebsite.com)
service: leantime

services:
leantime:
loadBalancer:
servers:
- url: http://192.168.0.199:31322/

2

Share your full Traefik static and dynamic config, use 3 backticks before and after to format config.

3

fileConfig

  routers:
    leantime:
      rule: Host(`leantime.crlljjk;kklk;'.com`)
      service: leantime

  services:
    leantime:
      loadBalancer:
        servers:
          - url: http://192.168.0.199:31322/
  ## MIDDLEWARES ##
  middlewares:
    # Only Allow Local networks
    local-ipwhitelist:
      ipWhiteList:
        sourceRange: 
          - 127.0.0.1/32 # localhost
          - 192.168.1.1/24 # LAN Subnet
    test-auth:
      basicAuth:
        users:
          - "admin:$apr1$8m5eypnf"
    # Security headers
    securityHeaders:
      headers:
        customResponseHeaders:
          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
          server: ""
          X-Forwarded-Proto: "https"
        sslProxyHeaders:
          X-Forwarded-Proto: https
        referrerPolicy: "strict-origin-when-cross-origin"
        hostsProxyHeaders:
          - "X-Forwarded-Host"
        customRequestHeaders:
          X-Forwarded-Proto: "https"
        contentTypeNosniff: true
        browserXssFilter: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsSeconds: 63072000
        stsPreload: true

# Only use secure ciphers - https://ssl-config.mozilla.org/#server=traefik&version=2.6.0&config=intermediate&guideline=5.6
tls:
  options:
    default:
      minVersion: VersionTLS12
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
4 
global:
  checkNewVersion: true
  sendAnonymousUsage: false

serversTransport:
  insecureSkipVerify: true

entryPoints:
  web:
    address: ":80"

  # HTTPS endpoint, with domain wildcard
  https:
    address: :443
    http:
      tls:
        # Generate a wildcard domain certificate
        certResolver: letsencrypt

      middlewares:
        - securityHeaders@file

providers:
  providersThrottleDuration: 2s

  # File provider for connecting things that are outside of docker / defining middleware
  file:
    filename: /etc/traefik/fileConfig.yml
    watch: true

  # Docker provider for connecting all apps that are inside of the docker network
  docker:
    watch: true
    network: traefik-net # Add Your Docker Network Name Here
    # Default host rule to containername.domain.example
    defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.crownparkcomputing.com`)"
    swarmModeRefreshSeconds: 15s
    exposedByDefault: false
    endpoint: "tcp://dockersocket:2375" # Uncomment if you are using docker socket proxy

# Enable traefik ui
api:
  dashboard: true
  insecure: true

# Log level INFO|DEBUG|ERROR
log:
  level: INFO
  
accessLog: {}  
# Use letsencrypt to generate ssl serficiates
certificatesResolvers:
  letsencrypt:
    acme:
      email: jhfgj@crownparkcomputing.com
      storage: /etc/traefik/acme.json
      tlschallenge: true
5

What does the Traefik debug log (doc) say about TLS cert generation? Do you see incoming requests in access log?

Also try without the securityHeaders middleware just to see if it works.